The First Step Is a Documented Security Assessment

A few weeks ago, we sent out information about the FEMA Nonprofit Security Grant Program, often referred to as NSGP. Since then, one question has continued to come up from pastors, church administrators, and safety team leaders:

Did you know your church may be eligible for up to $200,000 in security grant funding?

For many churches, that answer may be yes.

Under FY 2025 guidance, eligible nonprofit organizations may apply for up to $200,000 per location or physical site. In some cases, a nonprofit organization with multiple locations may be able to submit multiple applications, with certain state-specific limits. The Virginia Department of Emergency Management, for example, stated that “the maximum amount for an individual application is $200,000” and that a nonprofit may submit up to three projects totaling $600,000, with each facility requiring a vulnerability assessment and investment justification (Virginia Department of Emergency Management).

That last part is important.

The FEMA nonprofit security grant process is not simply about asking for cameras, stronger doors, access control, lighting, fencing, radios, or emergency communication tools. It is about showing a documented need. Churches must be able to identify risks, connect those risks to real vulnerabilities, and explain how the requested improvements would strengthen the safety and security of the facility.

That is where many churches get stuck.

What Is the FEMA Nonprofit Security Grant Program?

The Nonprofit Security Grant Program is a federal grant program administered by the Department of Homeland Security and FEMA. The purpose of the program is to help eligible nonprofit organizations strengthen their ability to prevent, protect against, respond to, and recover from terrorist attacks and other security threats.

For churches, that can include physical security enhancements, security-related planning, training, exercises, and preparedness efforts. Depending on the final rules and state guidance, potential projects may include items such as surveillance cameras, access control systems, reinforced doors, security film, exterior lighting, fencing, locks, alarm systems, emergency communication equipment, and other target-hardening measures.

But churches need to understand something clearly: grant reviewers are not just looking for a shopping list.

They are looking for a justified request.

A church that says, “We need cameras,” may not be as strong as a church that says, “Our assessment identified unmonitored entry points, poor visibility in exterior areas, limited ability to observe children’s ministry entrances, and no current video documentation system. The requested camera system directly addresses those vulnerabilities.”

That is the difference between wanting equipment and documenting risk.

Why Churches Should Pay Attention Now

Church safety is no longer a side issue. Churches are dealing with more than Sunday morning worship services. They are dealing with children’s ministry operations, weekday activities, school programs, counseling appointments, community events, outside groups using the building, domestic issues, mental health crises, disruptive individuals, theft, vandalism, and the possibility of targeted violence.

That does not mean every church should operate in fear. It does mean every church should operate with wisdom.

A strong church safety plan starts with a clear understanding of the facility. Where are the weak points? Who has access? Which doors are being used during services? Are children’s ministry areas protected? Are parking lots visible? Are volunteers trained? Does the church have written procedures? Does the safety team know how to respond to a medical emergency, missing child, suspicious person, disruptive individual, or active threat?

These questions matter because security is not built by accident.

It is built through assessment, planning, training, and follow-through.

The Vulnerability Assessment Is a Critical Piece

One of the most important parts of the FEMA NSGP process is the vulnerability assessment. State guidance can vary, but churches should expect that the assessment will be a key part of the application packet.

The Virginia Department of Emergency Management listed three required documents for a complete FY 2025 application packet: a completed Investment Justification, a mission statement, and “a copy of the Vulnerability Assessment on which the request in the application is based” (Virginia Department of Emergency Management).

That means the assessment is not just a helpful tool. In many cases, it is the foundation of the request.

A proper assessment helps answer several important questions.

What are the current vulnerabilities?

Every church has vulnerabilities. Some are obvious. Some are not. A side door that does not latch properly, a dark parking area, an unsecured children’s hallway, a lack of radio communication, or a poorly defined check-in process may all create risk.

What are the priorities?

Not every issue carries the same level of concern. A broken exterior door near children’s ministry may need to be addressed before a cosmetic upgrade to the lobby. A good assessment helps leadership prioritize what matters most.

What improvements are reasonable?

Grant requests need to be logical. If a church asks for a major security investment, it should be able to explain why that investment is needed and how it connects to the documented vulnerabilities.

What documentation does the church have?

A church may know it has security problems, but if those problems are not documented, the grant request may be weaker. Documentation creates clarity for leadership, grant reviewers, and future planning.

Why Waiting Until the Grant Window Opens Is a Mistake

Many churches wait too long.

They hear about the grant, get interested, and then realize they need a vulnerability assessment, an Investment Justification, organizational documentation, vendor quotes, project descriptions, leadership approval, and possibly state-specific submission requirements.

By then, the deadline may already be close.

The churches that are most prepared are usually the ones that start early. They assess the facility before the application window opens. They identify priority projects. They collect quotes. They make sure their nonprofit documentation is in order. They understand the state process. They have a clear plan before the pressure of the deadline hits.

That preparation matters.

The grant process is competitive. Funding is not guaranteed. A church should not assume that being eligible means it will automatically receive money. But a prepared church is in a far better position than a church trying to pull everything together at the last minute.

How Protect His House Can Help

Protect His House offers a Church Security Assessment & Risk Registry process designed to help churches identify vulnerabilities, strengthen readiness, and create professional documentation for future planning.

According to the PHH assessment page, the process gives churches “a complete picture of your current security posture” and provides an Executive Security Report and detailed Risk Registry that outlines top vulnerabilities and how to fix them (Protect His House).

This is often the first step churches take before making security improvements or pursuing funding opportunities.

PHH currently offers two assessment options.

Option 1: Self-Assessment

The Self-Assessment option is currently listed at $297.

This option is designed for churches that want to complete the assessment internally using guided forms and checklists provided by Protect His House. Your team walks through the property, evaluates key areas, documents findings, and submits the completed materials back to PHH.

Protect His House then reviews the findings and creates the final deliverables.

The Self-Assessment includes:

Assessment Forms and Checklists

Your church receives structured tools to guide the evaluation process.

Guided Evaluation Process

Your team is not starting from scratch. The forms help you know what to look for and how to document it.

Review of Submitted Materials

PHH reviews the information your church provides and organizes it into professional documentation.

Executive Security Report

This report provides a professional summary of findings, key vulnerabilities, and recommended priorities.

Risk Registry

The Risk Registry gives your church a prioritized breakdown of vulnerabilities, recommendations, mitigation steps, and implementation guidance.

For churches with capable internal leadership or an established safety team, this can be a practical and affordable first step.

Option 2: On-Site Assessment

The On-Site Assessment option is currently listed at $900.

This is the hands-on option where a Protect His House representative comes to your church and conducts the assessment in person. PHH evaluates the facility, identifies vulnerabilities, documents findings, and then builds the final report and risk registry based on the assessment.

The On-Site Assessment includes:

On-Site Facility Evaluation

A PHH representative physically walks the property and evaluates key areas.

Identification of Vulnerabilities and Weak Points

This includes looking at access points, exterior areas, children’s ministry spaces, emergency readiness, facility layout, and other security concerns.

Executive Security Report

Your church receives a professional summary that can guide leadership decisions.

Risk Registry With Prioritized Recommendations

Your team receives a structured breakdown of vulnerabilities, mitigation recommendations, and implementation guidance.

For many churches, the on-site option is the strongest choice because it brings experienced eyes to the property. Internal teams often overlook things because they see the building every week. An outside assessment can help reveal gaps that have become normal over time.

What Is a Risk Registry?

A Risk Registry is more than a list of problems. It is a structured document that identifies vulnerabilities, prioritizes them, and provides recommended mitigation steps.

In a church setting, a Risk Registry may address issues such as:

Uncontrolled Access Points

Side doors, children’s ministry entrances, gym entrances, office doors, and fellowship hall access points can all create risk if they are not monitored or controlled.

Poor Exterior Lighting

Parking lots, rear entrances, playgrounds, and side walkways should be evaluated for visibility, safety, and deterrence.

Weak Children’s Ministry Controls

Check-in procedures, release policies, hallway supervision, classroom access, and volunteer identification all matter.

Lack of Emergency Communication

Teams need a way to communicate quickly during a medical emergency, missing child incident, disruptive person call, severe weather event, or active threat.

No Written Procedures

If the safety team does not have written procedures, response becomes inconsistent. People may mean well, but they may not respond the same way under stress.

Limited Training Documentation

Churches should know who has been trained, what they were trained in, and when retraining is needed.

A Risk Registry helps move the church from general concern to a clear plan. It tells leadership what the issues are, what matters most, and what should happen next.

How Grey Group Can Help With Grant Writing

Protect His House helps churches identify vulnerabilities, document risks, and create assessment materials that can support future security planning and potential funding opportunities.

For churches that need help with the actual grant writing process, PHH also partners with Grey Group.

Grey Group can assist churches with preparing the grant application, writing the narrative, organizing required information, and helping the church present the request clearly. This can be especially valuable for churches that do not have someone on staff with grant writing experience.

The assessment and the grant application are connected, but they are not the same thing.

The assessment identifies the vulnerabilities and documents the need. The grant writer helps turn that information into a strong application package that follows the rules of the program.

What Churches Should Do Now

If your church is interested in FEMA nonprofit security grant funding, the time to start preparing is before the deadline is announced or before the application window is already closing.

Here are the practical next steps.

1. Confirm Your Eligibility

Houses of worship are listed as eligible entities in FY 2025 state guidance, but churches should still confirm their nonprofit status and review the specific requirements in their state.

2. Identify Your State Process

Churches typically do not apply directly to FEMA. Applications are usually submitted through the State Administrative Agency, such as a state emergency management or homeland security office. Requirements and deadlines may vary.

3. Complete a Vulnerability Assessment

This is one of the most important pieces. The assessment helps document the risks and connect them to the requested improvements.

4. Build a Prioritized Improvement Plan

Know what you need and why you need it. Cameras, access control, lighting, doors, radios, fencing, and training should all connect back to documented vulnerabilities.

5. Gather Documentation Early

Do not wait until the last minute. Organizational documents, mission statements, quotes, facility information, project details, and internal approvals can all take time.

6. Get Help When Needed

Pastors and church leaders already carry a lot. Security assessments and grant applications require detail, documentation, and careful planning. Getting help early can save time and strengthen the final package.

This Is About Stewardship, Not Fear

Church safety should not be driven by panic.

It should be driven by stewardship.

The goal is not to turn the church into a fortress. The goal is to create a safe, prepared, and welcoming environment where people can worship, serve, learn, and gather with confidence.

A good assessment does not create fear. It creates clarity.

It helps your church understand what is working, what needs attention, and what steps should come next. It gives leadership a realistic picture of the facility and provides a path forward.

If your church may be eligible for FEMA nonprofit security grant funding, do not wait until the application window opens to begin thinking about security. Start with the assessment. Document the risks. Build the plan. Then, when the opportunity comes, your church will be ready.

Schedule Your Church Security Assessment

Protect His House offers both Self-Assessment and On-Site Assessment options for churches that want to identify vulnerabilities, strengthen readiness, and prepare for future security improvements or funding opportunities.

You can schedule your assessment directly through Protect His House.

If your church also needs help writing the grant, we can connect you with Grey Group to assist with that part of the process.

The opportunity is real. The need is real. The preparation starts now.

Works Cited

Federal Emergency Management Agency. “FY 2025 Nonprofit Security Grant Program Key Changes.” FEMA, 12 Aug. 2025.

Protect His House. “Church Security Assessment & Risk Registry.” Protect His House, 2026.

Virginia Department of Emergency Management. “FY25 Nonprofit Security Grant Program.” Virginia Department of Emergency Management, 2025.